> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Nathan Vidican > Sent: Friday, 12 January 2007 5:55 AM > To: Mike Meyer; [EMAIL PROTECTED] > Subject: Re: LDAP integration > > Mike Meyer wrote: > > In <[EMAIL PROTECTED]>, Vulpes Velox > <[EMAIL PROTECTED]> typed: > > > >> LDAP is nice organizing across many systems, but if you are just > >> dealing with one computer it is complete over kill for any thing. > >> > > > > In that situation, it's not merely overkill, it's may actually be a > > bad idea. Can you say "AIX SDR"? How about "Windows registry"? > > > > Those system both took the approach of putting all the configuration > > information in a central database. This creates problems because the > > tools needed to examine/fix the config database require a complex > > environment - at least compared to a statically linked copy of > > ed. LDAP may not be so bad, but it still makes me nervous. > > > > On the other hand, if you've got a flock of boxes to > manage, having a > > way to tell the rc subsystem "Go read config values from this LDAP > > server" seems like a very attractive alternative. > > > > <mike > > > Ok, so the general consensus seems to be that it's a good > idea in some > cases and not in others. I myself agree that it should not be part of > the base setup for issues regarding the complication of the base > distribution... but why not make a package for it? > > Take this idea, and run with it... build a package that installs over > the base installation, bundling the LDAP client libs, new rc > structure, > tools, etc all in one shot. Add it to the ports collection > and call it > done. - After all that's the wonder that is opensource... if > ya want to > improve something, go for it - even better if you can contribute your > additions back to the community. > > I think it could be the start of something really handy for those out > there managing large banks of servers... a central configuration > repository, key-based or something where you take a freshly installed > server, and point it to a config 'key', reboot and poof! That server > goes down, simply tell a spare one to use it's config 'key' > and reboot - > back up and running :) You'd get all the redundancy of LDAP, the > organization of a directory tree, and the simplicity of uniform > configuration information. This of course with some assumptions about > storage and backup situations, but hey - it's an idea not a > reality here > I'm talking about. > > Anyways... without digressing way too much, my point was this: if > there's enough people interested in the idea, then collaborate and by > all means try to make something of it. If it works out well, lots of > people start adopting it, THEN we (the FreeBSD community) > should look at > including it as part of the base... until then, make it as a bundled > package or something. I'm using LDAP here for users, groups, > email and > account information shared to many servers - and it works great, but > it's certainly not for everyone and I'd never expect it to come > out-of-the box with everything required to do so. Have to weigh the > benefits against the costs. > > This thread keeps arguing the good or the bad points of doing > this - and > it seems to me not something worth arguing the merits of. If > you believe > in it enough, then do it or at least try it. Lets move on from if we > should or shouldn't, and look more to HOW we could... > > Just my two and a half cents. > > > -- > Nathan Vidican > [EMAIL PROTECTED] > Windsor Match Plate & Tool Ltd. > http://www.wmptl.com/
I would be in favour of this being put together asa port.. says he looking into the future where a multi server / multi service 'system' is lurking. Might be nice for configuring blade server arrays too. mjt Murray Taylor Special Projects Engineer Bytecraft Systems E: [EMAIL PROTECTED] -- "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction." --Albert Einstein --------------------------------------------------------------- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --------------------------------------------------------------- ### This e-mail message has been scanned for Viruses by Bytecraft ### _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
